General

  • Target

    file.exe

  • Size

    338KB

  • Sample

    221225-nd9q7sbd78

  • MD5

    c657dda51197887c07acb2c0020741d6

  • SHA1

    b7ad6e0288310078e3dcac605b0a93213f352282

  • SHA256

    7fb81b96e4df407058f5c9b96096f409c2783db604d67f31dcb4d2d8b38e917f

  • SHA512

    361c0b45604defb7191553ffe48e6bf0982c4bf1e8ed720a7a9c4fb8d3f92fb921e04aac7bf7e85d274b0f4c0716c889fdb0ea7f5579c5eec7f5fca149a8b64a

  • SSDEEP

    6144:cLSRLYTCFKu2N4vyFtE7DiheOvE2ZHrNcEpDsUCe/hTx3PJ/NhnGymI:c4ngu2N47OvEyHrnNx/VNh9m

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Accesses 2FA software files, possible credential harvesting

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
